فا

‫ Adobe Flash Player Multiple Vulnerabilities

ID:IRCAD2015023731
Release Date: 2015-02-02
Criticality level: Extremely critical
Software:
Adobe Flash Player 11.x
Adobe Flash Player 16.x
Adobe Flash Player 13.x
Description:
Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
1) A use-after-free error can be exploited to corrupt memory.
Note: Reportedly, this vulnerability is currently exploited in limited targeted attacks.
2) Another use-after-free error can be exploited to corrupt memory.
3) Another use-after-free error can be exploited to corrupt memory.
4) Another use-after-free error can be exploited to corrupt memory.
5) An error within the BitmapFilter class can be exploited to cause execution of a nonexistent method.
6) Another unspecified error can be exploited to corrupt memory.
7) Another unspecified error can be exploited to corrupt memory.
8) Another unspecified error can be exploited to corrupt memory.
9) Another unspecified error can be exploited to corrupt memory.
10) Another unspecified error can be exploited to corrupt memory.
11) A type confusion error can be exploited to corrupt memory.
12) Another type confusion error can be exploited to corrupt memory.
13) An error can be exploited to cause a heap-based buffer overflow.
14) Another error can be exploited to cause a heap-based buffer overflow.
15) An error can be exploited to cause a buffer overflow.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following products and versions:
  • Adobe Flash Player versions 16.0.0.296 and prior for Windows and Macintosh.
  • Adobe Flash Player versions 13.0.0.264 and prior.
  • Adobe Flash Player for Linux versions 11.2.202.440 and prior.
Solution:
Update to a fixed version.
References:
Adobe (APSA15-02, APSB15-04):

ZDI:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 27 بهمن 1393

امتیاز

امتیاز شما
تعداد امتیازها: 0